Meta

How To Change The SSH Server Port Number

Submitted by admin, on March 8th, 2012

Changing the port number that your SSH server listens on is a simple way to prevent random brute force login attacks against your server. While people can still perform attacks against SSH running on a different port number, most automated tools will default to port 22, and not actually do a full port scan.

Any port number can be used, as long as it is not already in use by another service.

Note: Make sure you are logged in as a user with root privledges when running these commands.

Open the /etc/ssh/sshd_config file in your favorite editor.

# vi /etc/ssh/sshd_config

Look for the following line (it may be commented out, as port 22 is the default):

Port 22

or

#Port 22

Edit this line to reflect the port number you wish to listen on. Un-comment it if it was commented out:

Port 22843

This will set up the SSH server to listen on port 22843.

Save the file and exit the editor.

Restart the SSH daemon:

Ubuntu:

$ sudo service ssh restart

CentOS:

# service sshd restart

FreeBSD:

# service sshd restart

Confirm that it is listening on the new port number by issuing the following command:

netstat -an | grep LISTEN

Make sure that next time you connect, you specify the new port number.